From owner-freebsd-questions Wed Jul 24 10:08:53 1996
Return-Path: owner-questions
Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id KAA01227 for questions-outgoing; Wed, 24 Jul 1996 10:08:53 -0700 (PDT)
Received: from who.cdrom.com (who.cdrom.com [204.216.27.3]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id KAA01222 for ; Wed, 24 Jul 1996 10:08:52 -0700 (PDT)
Received: from garion.hq.ferg.com (pm1-12.wmbg.widomaker.com [204.17.220.112]) by who.cdrom.com (8.6.12/8.6.11) with ESMTP id KAA03562 for ; Wed, 24 Jul 1996 10:08:48 -0700
Received: from localhost.hq.ferg.com (localhost.hq.ferg.com [127.0.0.1]) by garion.hq.ferg.com (8.6.12/8.6.12) with SMTP id KAA29896; Wed, 24 Jul 1996 10:15:38 -0400
Message-Id: <199607241415.KAA29896@garion.hq.ferg.com>
X-Authentication-Warning: garion.hq.ferg.com: Host localhost.hq.ferg.com didn't use HELO protocol
From: Branson Matheson
To: Red Barchetta
cc: freebsd-questions@freebsd.org
In-reply-to: Your message of "Wed, 24 Jul 1996 08:54:01 EDT." <199607241254.IAA08136@pegasus.rutgers.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Wed, 24 Jul 1996 10:15:38 -0400
Sender: owner-questions@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

--------
Red Barchetta uttered with conviction:
>
> 1) is there any reason that just plain old joe user should avoid
> '.' in his path? (I don't see any, but just to make sure.)

Generally, and I will probably get blasted for this, I generally set up
new users' .cshrc with '.' as the last thing in the path:

    /ump/hq/home/branson/bin/FreeBSD2.1.0-RELEASE
    /ump/hq/home/branson/bin/scripts /usr/bin /bin /usr/local/bin
    /letc/bin /usr/games /sbin /usr/sbin /usr/X11R6/bin /etc /usr/etc .

>
> 2) if '.' appears as the very last entry in root's path is this
> still considered a security risk? I'm not so lazy that I'm not
> willing to type './command' as root--- just really curious about
> this type of stuff!

depends on if you mistype things... for instance if you type ( as I
tend to do ) ruans instead of runas or mdkir instead of mkdir and the
fiend is smart enough to have those misspellings as scripts in his local
directory. You may or may not notice... once the deed is done and he/she
erases the file that did it, you will never know for sure. Also think
how many times you cd into /tmp to look at a file.... and execute ls as
soon as you get in there ;-)

It is generally a good rule of thumb to NOT have '.' in root's path and
only system directories in root's path
( /bin /sbin /usr/bin /usr/sbin /usr/local/bin ).

>
> I know these aren't actually FreeBSD specific questions, but I hope
> they will prove to be of interest to some other novice sys admins
> out there as well!

You might look at _Unix_System_Security_ by David Curry.. on pp. 35 and
36 there is a nice discourse on how and why to protect root. There are a
number of other things out there... but that is a start.

-branson

=============================================================================
Branson Matheson     | Ferguson Enterprises  | If Pete and Repeat were
System Administrator | W: (804) 874-7795     | sittin on a fence and Pete
Unix, Perl, WWW      | branson@widomaker.com | fell off, who is left?
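
Added example, not part of the original message: a small POSIX shell check for the rule of thumb above. It goes a little beyond the literal '.' case and also flags empty entries (a leading, trailing or doubled ':' is searched as the current directory), other relative entries, and absolute directories that any user can write to, such as /tmp. The function name and the sample PATH are made up for illustration.

```shell
#!/bin/sh
# Added example: audit a PATH-style string for entries that make the shell
# search the current directory or a directory any user can write to.

audit_path() {
    # A trailing ':' is an empty entry too; append a sentinel ':' so the
    # loop below still sees it.
    ap_rest="$1:"
    ap_pos=0
    ap_bad=0
    while [ -n "$ap_rest" ]; do
        ap_entry=${ap_rest%%:*}      # text before the first ':'
        ap_rest=${ap_rest#*:}        # everything after it
        ap_pos=$((ap_pos + 1))
        case $ap_entry in
            '')
                echo "entry $ap_pos: empty entry (searched as current directory)"
                ap_bad=1 ;;
            /*)
                # Absolute: flag only if it exists and "other" has write access.
                # -L follows symlinks such as /bin -> usr/bin.
                if [ -d "$ap_entry" ]; then
                    ap_mode=$(ls -ldL -- "$ap_entry" | cut -c9)
                    if [ "$ap_mode" = w ]; then
                        echo "entry $ap_pos: $ap_entry is world-writable"
                        ap_bad=1
                    fi
                fi ;;
            *)
                # '.', '..', 'bin', './bin' all depend on where you cd'ed to.
                echo "entry $ap_pos: '$ap_entry' is relative to the current directory"
                ap_bad=1 ;;
        esac
    done
    return "$ap_bad"
}

# Constructed sample: the "dot last" layout discussed in the message.
SAMPLE_PATH="/usr/bin:/bin:/usr/local/bin:/sbin:/usr/sbin:."
audit_path "$SAMPLE_PATH" || true
```

Run it as root with `audit_path "$PATH"`; a clean path prints nothing and returns 0, anything flagged returns 1.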